Google spills the beans on Android bug

'Revolutionary' mobile OS still has a long way to go

Shares

Google has finally revealed what fixes it has put in place to get Android back up to speed after two key errors were highlighted.

The most recent problem came when it was discovered that users were given top-level administrator privileges automatically on their handsets, and any text they entered could be read as a system command.

The problem was discovered when an unsuspecting user typed 'reboot' in a text, and the phone responded by shutting down and restarting.

The handset is designed to be able to work from a remote device attached by serial port, but given the lack of such an input, the phone just used the keyboard instead.

Big bug

"We tried really hard to secure Android. This is definitely a big bug," Rich Cannings, of the Android security team, said according to ZDNet. "The reason why we consider it a large security issue is because root access on the device breaks our application sandbox."

However, he did say it would be difficult for malicious hackers to exploit the flaw, as it would require the user to download a programme that forced them to type in certain commands to give the hacker access.

The other flaw fixed in the update was the browser vulnerability that meant certain websites with malicious code built-in could be used to assume control of the browser.

The update helped fix this and other problems in the browser, caused by Android shipping with older versions of software, and would allow malicious hackers to assume control of certain parts of the phone.

At least Google can hold its hands up when necessary... albeit only when things have been fixed.